#6336: XSS Vulner (index.php/anystuff here)
---------------------------------+------------------------------------------
Reporter: bakyt.niyazov | Owner:
Type: Security Exploit | Status: new
Priority: Critical | Milestone: 1.2.x.x
Component: General | Version: 1.2 Final
Severity: Critical | Resolution:
Keywords: | Php_version: n/a
Cake_version: |
---------------------------------+------------------------------------------
Comment (by ionas82):
I can confirm [[BR]]
[[BR]]
http://www.example.com/index.php/index.php/";><h1>Heya</h1> displays Heya
multiple times on my application (multiple requestActions I think).[[BR]]
[[BR]]
As that is unwanted your fix helped! Thanks.
--
Ticket URL: <https://trac.cakephp.org/ticket/6336#comment:3>
CakePHP : The Rapid Development Framework for PHP <https://trac.cakephp.org/>
Cake is a rapid development framework for PHP which uses commonly known design
patterns like ActiveRecord, Association Data Mapping, Front Controller and MVC.
Our primary goal is to provide a structured framework that enables PHP users at
all levels to rapidly develop robust web applications, without any loss to
flexibility.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"tickets cakephp" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/tickets-cakephp?hl=en
-~----------~----~----~----~------~----~------~--~---
